Hello Readers,
I attended my first SANSfire, and to be honest first SANS event, this week. If you've been following my tweets (that is weird to type out, but... that's our world now) you would have seen that I've signed up to write a SANS course along with Alissa Torres and Jake Williams called 'Offensive Forensics' known in sans terms as FOR 668. I'm very excited about this class as it will be the outlet of all the file system journaling research that you've seen demos of applied in real and practical ways. The class won't be out until next year but we've officially begun work on it and I think everyone dealing with advanced adversaries (internal or external) will benefit from it.
I'll write more about the class later but now onto the point of this blog post. Spending a week at SANSfire I got to spend the week talking to fellow SANS faculty and my coauthors which lead me to hear about Lenny Zeltser's year long daily blogs. I was intrigued by the idea, I am terrible at regular blogging as I try to think up important things to talk about and new research that I feel I can disclose. In a discussion though Rob Lee pointed out that most people don't need the bleeding edge from a daily read, they just want more information into how things work forensically and interesting topics/stories.
So with that in mind, I am going to begin a mission to write one blog entry a day for the next year with the idea that whether long or short I'll just keep passing along those things that I think are interesting, important, misunderstood, etc... as well as updates on the new book (Hacking Exposed Computer Forensics 3rd Edition) and the new course as we move forward.
So at this point I am going to turn it over to you, reader. What do you want to know about? I don't want to resort to recipes (which my wife says is what people actually want to read) so I'm hoping you can shed some light and what actually interests you!
Please leave a comment below, I allow anonymous comments, and lets talk. I would like this to be experiment that benefits the community as a whole.
I attended my first SANSfire, and to be honest first SANS event, this week. If you've been following my tweets (that is weird to type out, but... that's our world now) you would have seen that I've signed up to write a SANS course along with Alissa Torres and Jake Williams called 'Offensive Forensics' known in sans terms as FOR 668. I'm very excited about this class as it will be the outlet of all the file system journaling research that you've seen demos of applied in real and practical ways. The class won't be out until next year but we've officially begun work on it and I think everyone dealing with advanced adversaries (internal or external) will benefit from it.
I'll write more about the class later but now onto the point of this blog post. Spending a week at SANSfire I got to spend the week talking to fellow SANS faculty and my coauthors which lead me to hear about Lenny Zeltser's year long daily blogs. I was intrigued by the idea, I am terrible at regular blogging as I try to think up important things to talk about and new research that I feel I can disclose. In a discussion though Rob Lee pointed out that most people don't need the bleeding edge from a daily read, they just want more information into how things work forensically and interesting topics/stories.
So with that in mind, I am going to begin a mission to write one blog entry a day for the next year with the idea that whether long or short I'll just keep passing along those things that I think are interesting, important, misunderstood, etc... as well as updates on the new book (Hacking Exposed Computer Forensics 3rd Edition) and the new course as we move forward.
So at this point I am going to turn it over to you, reader. What do you want to know about? I don't want to resort to recipes (which my wife says is what people actually want to read) so I'm hoping you can shed some light and what actually interests you!
Please leave a comment below, I allow anonymous comments, and lets talk. I would like this to be experiment that benefits the community as a whole.
Dave,
ReplyDeleteCongrats on being able to write a SANS course. Have you taught, or co-taught one yet? Good luck with it.
I'm interested to see what you blog about, as well.
Hi Harlan,
DeleteHave not taught or co-taught one yet. It's a long road from yes you can write a course for us and yes you can teach for us. I have a long road of teaching classes before I'm considered a 'certified instructor' to be able to prove that not only do I know the material but I can successfully teach and present the class as well.